Chefspec与Hashicorp Vault
Chefspec与Hashicorp Vault
提问于 2016-09-13 04:58:47
我正在尝试使用ChefSpec来测试Chef和Hashicorp Vault的实现
食谱
chef_gem 'vault' do
compile_time true if Chef::Resource::ChefGem.instance_methods(false).include?(:compile_time)
end
require 'vault'
Vault.address = 'https://address:8200'
Vault.token = citadel['foo/bar']
Vault.auth_token.renew_self测试
require_relative '../spec_helper'
describe 'wrapper::default' do
context 'role is foo' do
let(:chef_run) do
ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '14.04') do |node|
node.default['role'] = 'foo'
const_set(:Vault, Module.new)
end.converge(described_recipe)
end
before(:each) do
allow_any_instance_of(Chef::Recipe).to receive(:require).and_call_original
allow_any_instance_of(Chef::Recipe).to receive(:require).with('vault').and_return(true)
allow_any_instance_of(::Vault).to receive(:address).and_call_original
allow_any_instance_of(::Vault).to receive(:address).with('https://localhost:8200').and_return(true)
end
it 'install vault gem' do
expect(chef_run).to install_chef_gem('vault')
end
end
end错误
Failure/Error: expect(Chef::Recipe::Vault).to receive(:address).and_call_original
NameError:
uninitialized constant Vault如何存根Vault变量?这是Hashicorp Vault不是chef-vault
回答 2
Stack Overflow用户
发布于 2020-01-30 16:35:51
我来到这里,仍然不能弄明白它,所以我最终将我的存储库代码移动到我自己的库中,我将它包含在菜谱中,所以我不能在ChefSpec运行时模拟它。
所以我在my-cookbook/libraries/my_vault.rb下使用了下面的代码:
require 'vault'
module MyVault
module Helpers
def get_vault_secret(secret)
Vault.configure do |config|
config.address = "#{node[:vault_url]}"
config.token = "#{node[:vault_token]}"
end
Vault.logical.read(secret)
end
end
end在我的食谱里:
Chef::Recipe.send(:include, MyVault::Helpers)
creds = get_vault_secret("secret/jmx")
user = creds.data[:user]
password = creds.data[:password]
template "/etc/app/jmx.password" do
source "jmx.password.erb"
mode 0600
owner "dev"
group "dev"
variables({
:user => user,
:password => password
})
end还有我的规格测试:
require 'chefspec'
require 'chefspec/berkshelf'
describe 'app::metrics' do
platform 'ubuntu', '14.04'
before do
response = Object.new
allow(response).to receive_messages(:data => {
:user => "benzi",
:password => "benzi"
})
allow_any_instance_of(Chef::Recipe).to receive(:get_vault_secret).and_return(response)
end
describe 'adds jmx.access to app folder' do
it { is_expected.to create_template('/etc/app/jmx.access')
.with(
user: 'dev',
group: 'dev',
mode: 0644
) }
endStack Overflow用户
发布于 2016-09-13 09:12:32
我已经回复了你的电子邮件,你想要allow_any_instance_of(::Vault)和类似的东西,如果模块(const_set(:Vault, Module.new))还不存在,你可能必须创建它。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/39458691
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号